package com.trendytech.tds.common.security;

import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;

import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.security.web.util.RegexRequestMatcher;

import com.trendytech.tds.entity.Role;


public class SecurityMetadataSource implements
		FilterInvocationSecurityMetadataSource {
	private static final Log logger = LogFactory
			.getLog(SecurityMetadataSource.class);

	private Map<String, Collection<ConfigAttribute>> resourceMap;
/*	@Autowired
	private IResourceService resourceService;
	@Autowired
	private IRoleService roleService;*/

	@Override
	public Collection<ConfigAttribute> getAllConfigAttributes() {
		return null;
	}

	@Override
	public Collection<ConfigAttribute> getAttributes(Object object)
			throws IllegalArgumentException {
		String requestUrl = ((FilterInvocation) object).getRequestUrl();
		if (logger.isDebugEnabled()) {
			logger.debug("requestUrl is " + requestUrl);
		}
		if (resourceMap == null) {
			loadResourceDefine();
		}
		Iterator<Entry<String, Collection<ConfigAttribute>>> iterator = resourceMap
				.entrySet().iterator();
		while (iterator.hasNext()) {
			Map.Entry<String, Collection<ConfigAttribute>> entry = (Map.Entry<String, Collection<ConfigAttribute>>) iterator
					.next();
			if(StringUtils.isNotEmpty(entry.getKey())){
				RegexRequestMatcher m = new RegexRequestMatcher(entry.getKey(),
						null);
				if (m.matches(((FilterInvocation) object).getHttpRequest())) {
					return entry.getValue();
				}
			}
		}
		return resourceMap.get(requestUrl);
	}

	@Override
	public boolean supports(Class<?> arg0) {
		return true;
	}

	// 加载所有资源与权限的关系
	private void loadResourceDefine() {
/*		if (resourceMap == null) {
			resourceMap = new HashMap<String, Collection<ConfigAttribute>>();
			List<Resource> resources = this.resourceService.getAll();
			for (Resource res : resources) {
				if(StringUtils.isBlank((res.getUrl()))){
					continue;
				}
				List<Role> roles = roleService.getByResourceId(res.getId());
				Collection<ConfigAttribute> configAttributes = resourceMap.get(res.getUrl());
				if(configAttributes == null){
					configAttributes = new ArrayList<ConfigAttribute>();
				}
				// 以权限名封装为Spring的security Object
				for (Role role : roles) {
					ConfigAttribute configAttribute = new SecurityConfig(
							role.getName());
					configAttributes.add(configAttribute);
				}
				resourceMap.put(res.getUrl(), configAttributes);
			}
		}*/

	}
}
